The City of Melissa has issued an update regarding a cybersecurity incident involving a retired emergency notification platform used by the municipality. Officials confirmed that the breach occurred within the vendor’s legacy CodeRED system and did not affect any City of Melissa computer systems or data.
According to the vendor, an organized cybercriminal group removed data from the retired environment. While there is currently no evidence that the information has been published on the internet, the possibility of a leak remains. The affected dataset may contain contact details from users of the old system, including names, physical addresses, email addresses, phone numbers, and passwords associated with user profiles.
The legacy CodeRED system has been permanently decommissioned. The vendor reports that the cyberattack caused irreversible damage to the platform, meaning the most recent backup of customer enrollment data is from March 31, 2025. Consequently, residents who enrolled or updated their information after that date may not be included in the system until restoration work is completed.
To ensure continued safety, the vendor has accelerated access to a new platform called CodeRED by Crisis24. This new system operates in a separate environment that has not been compromised. The vendor states that the new platform has undergone a full security audit supported by external experts.
The City of Melissa continues to send emergency notifications through the new CodeRED by Crisis24 platform and TextMyGov. Officials are urging all residents to confirm or update their emergency notification information to ensure they continue receiving alerts.






